Running Commercial Linux Software on FreeBSD

One of the more intriguing capabilities of the BSD operating systems is their ability to run binaries for other Unix-like operating systems. I recently found myself requiring the commercial PGP Command Line for a project. Rather than install a Linux box just for this one piece of software, I jumped through some hoops and made it work perfectly on one of my existing FreeBSD systems. Getting a random piece of commercial Linux software running on a FreeBSD system isn't always as transparent as you might like, but you can do it with a minimum of fuss if you have a few extra troubleshooting skills.

Those of you familiar with OpenPGP are probably wondering why I wouldn't just use GnuPG. While GnuPG handles pure OpenPGP functions quite well, PGP Command Line has specific abilities that GnuPG lacks. For example, some government standards require that a company be able to decrypt data even if the private key owner is unwilling to provide the private key. PGP software uses an Additional Decryption Key (ADK) to support this. (After guarding my private keys for years, I freely admit that the idea of ADK makes my bowels churn--but as it's not mandatory, I can see where a corporation would need this.) PGP Command Line also has the ability to make self-extracting PGP Zip files, which is rather useful. There's always the IDEA patent issue--although if you need IDEA, you probably have other problems! PGP Command Line comes in a .zip file containing the binaries for all the supported platforms and a few instructions in PDF format. You also get license codes tied to your name, organization, and email address.

To run Linux software on FreeBSD, you must configure your FreeBSD system, use the RPM package management tool to install it in the Linux environment, and finally tune the installed software to match the requirements of the Linux subsystem. The first part is well documented, but the rest is murky to many BSD administrators.

Linux Compatibility Setup

Start by confirming that your FreeBSD system is configured to run Linux binaries. Your kernel must have the Linux mode kernel module loaded. The simplest way to check is with kldstat(8):

# kldstat | grep linux
7 1 0xc1c7b000 18000 linux.ko
#

If you don't get anything back, go to /etc/rc.conf and add an entry to enable Linux mode.

linux_enable="YES"

You also need a subset of a standard Linux userland under /usr/compat/linux. I used a Red Hat 9 userland for this article, as found in /usr/ports/emulators/linux_base-rh-9. If you have a dual-boot FreeBSD/Linux system and are willing to play around a little, you might want to mount your Linux userland under /usr/compat/. While you might encounter different issues if you use a different version of Linux userland, the general process given here will still be valid.

Many Linux programs also require a Linux-style procfs. FreeBSD has deprecated procfs in favor of sysctl(8), but many Linux programs still require it. If you install from a port, the port may configure a Linux procfs for you. If not, add the following line to /etc/fstab:

linproc /compat/linux/proc linprocfs rw 0 0

You cannot mount this filesystem until your Linux userland is installed.

Once your kernel is configured, you have a Linux userland installed, and /etc/fstab lists a Linux procfs, you should reboot your computer. Confirm that everything works with kldstat(8) and df(1) before continuing.

Installing Linux RPMs on FreeBSD

If BSD's ports system has spoiled you, RPM may appear obtuse and arcane. It really isn't any worse than pkg_add--the headaches are simply in different spots. You must use some additional RPM features to install Linux packages on FreeBSD. First, the --ignoreos flag tells rpm(8) not to worry about the fact that you're not installing on a Linux box. The --root option gives the root of the filesystem you're installing in--in this case, /usr/compat/linux. This will prevent overwriting your native FreeBSD binaries!

PGP Command Line needs libxml2.so.2, and it's not available on the system. Did I mention that RPM had its own headaches? Dependency is one of them. The BSD ports system mostly eliminates dependency problems, so this kind of issue tends to give us fits. Linux users all have their favorite ways to solve dependency problems, but here's the method that works for me. First, confirm that this library really isn't on your system.

OK, it's really not there. Go to an RPM search site and find the appropriate RPM. I find that rpmfind.net gives me the best results, but you might have your own favorites. Choose only an RPM built for the Linux userland you have on your system. You wouldn't think of installing a FreeBSD 7 package on your FreeBSD 4 system, and Linux doesn't like that sort of thing any better. Once you download and install the RPM, try to install PGP Command Line again.